
Sophos recommends ‘walled garden’ to Facebook

Sophos suggests Facebook could adopt Apple's "walled garden" approach to apps to better protect its users.

Facebook has defended its security efforts after a report suggested it should follow Apple's "walled garden" approach to apps.

Security firm Sophos said the closed Apple approach "has proven effective in protecting users from maliciously crafted applications."

A Sophos poll carried out amongst Facebook users found 95.51 per cent of users agreed the Apple approach would be better for security.

Facebook said it has extensive controls, so when a user wants to add an application it only gets access to "very limited data" and the user needs to approve each additional type of data.

"We have a dedicated team that does robust review of all third-party applications, using a risk-based approach," a spokesperson for the social networking giant said.

"So, that means that we first look at velocity/number of users/types of data shared, and prioritise. This ensures that the team is focused on addressing the biggest risks, rather than just doing a cursory review at the time that an app is first launched."

Facebook said it acts fast to remove or sanction any potentially malicious applications before they gain access to user data. In some cases the company said it will go as far as to bring in law enforcement.

The Sophos report also indicated security threats had risen across social networks, including Facebook.

"Rogue applications, clickjacking, survey scams, all unheard of just a couple of years ago, are now popping up on a daily basis on social networks such as Facebook," said Graham Cluley, senior technology consultant at Sophos.

"Why aren't Facebook and other social networks doing more to prevent spam and scams in the first place?"

The survey showed two-fifths of respondents had been sent malware over social networking sites, representing a 90 per cent increase since summer 2009.

Eight in 10 respondents said Facebook posed the biggest risk to the security of their systems.

Facebook again defended its record in securing users from the likes of spam and malicious software.

"As a result of our efforts, the data we have on interactions of more than 500 million people using Facebook shows that spam, malware and other attacks have decreased in their effectiveness - the opposite conclusion reached by a security vendor," the Facebook spokesperson said.

"It's much more important to measure effectiveness than it is to measure volume. If your spam filter catches all the spam, does it matter that your filter caught 10 per cent more?"

Facebook was involved in another privacy debate this week, as users and security professionals complained about a feature allowing developers to access user phone numbers and addresses.

Facebook removed the feature, saying it wanted to ensure users were only giving away data they wanted to hand over to third parties.

An updated version of the feature is expected to appear in the coming weeks.

IT PRO, meanwhile, has discovered photos with privacy restrictions on them could easily be spread across the internet without users' knowledge.

By simply right-clicking and selecting 'copy image location' on a photo, anyone can then paste the URL to share it with unauthorised users, even those not on Facebook.
